Iran’s crude industry has been the target of a cyber attack, crippling some computer systems at the Oil Ministry, the National Iranian Oil Co. and several other state-owned businesses, according to government officials.
The damage may be more widespread than earlier reported by state-run agencies. Yesterday’s attack, which disrupted the Internet, was detected before it could spread more widely, the Mehr news agency said today.
The systems were down and may be affected by the malicious software for several days, said one of two officials at the ministry and the company who confirmed the attack. They declined to be identified because they aren’t allowed to comment.
The software hasn’t affected production and distribution of crude to terminals in the Persian Gulf, Mehr said without saying where it got the information. It’s at least the second time in two years that so-called malware has hit government-related computer systems in Iran, the second-largest crude producer in the Organization of Petroleum Exporting Countries after Saudi Arabia.
The cyber attack caused limited damage and didn’t affect the Oil Ministry and NIOC’s key data, Ali Nikzad, a ministry spokesman, told the state-run Fars news agency. Only a server providing public information has been harmed, Nikzad said.
The ministry has established a “crisis headquarters” to respond to the attack, Mehr said today, citing the deputy oil minister for engineering affairs, Hamdollah Mohammadnejad.
The Internet access of employees in the Tehran offices and operational sites of the Oil Ministry, NIOC, the National Iranian Oil Refining and Distribution Co. as well as Iran’s National Petrochemical Co. has been interrupted in an effort to contain the malware, Mehr said, citing an unidentified official with the National Iranian Oil Refining and Distribution Co.
Iran’s financial and energy industries are the target of sanctions imposed by the U.S. and European Union in an attempt to force the government to curb its nuclear program. An EU oil embargo against Iranian oil is set to go into effect July 1.
Two years ago, malicious software known as Stuxnet affected computer systems and several centrifuges used in Iran’s nuclear program to enrich uranium, Iranian officials said at the time. Stuxnet may have been part of a campaign to disrupt Iranian nuclear installations, international computer-security researchers have said.
The latest attack comes a week after Iran and the world powers ended a 15-month stalemate on discussions about the country’s nuclear program. Iran and the five permanent United Nations Security Council members -- the U.S., Britain, China, France, and Russia -- plus Germany agreed to reconvene for talks in Baghdad May 23.
Iran’s uranium-enrichment program is at the center of the dispute between the U.S., its allies and Iran. Iran denies allegations it’s trying to build atomic weapons and says it is producing uranium to use as fuel in nuclear reactors and generate electricity.